2014.03.20 bdm transport insurance seminar presentation
DESCRIPTION
BDM Transport Insurance Seminar in AntwerpTRANSCRIPT
Living and working in a riskier world From Risk Management to Risk Leadership
20 March 2014
Julia GrahamFERMA President
What we stand for
Co-ordinate, promote and support the development and use of risk management, insurance and risk financing in Europe
Be a significant stakeholder in the decision making process at the European level on risk management, insurance and risk financing – Profession– Innovation– Diversity
We go where others do not go
Leading risk management and insurance across Europe
Where we are
22 member associations in 20 countries
4336 individual members who are responsible for risk management and / or insurance in their organisations
Who we are
Our leadership team
Pierre SonigoSecretary
General
Florence BindelleExecutive Manager
Alessandro de Felice
Vice President
Michel DenneryVice President
Jo WillaertVice President
Julia GrahamPresident
Fernand De Winter
Treasurer
Three lines of defence
Source: ECIIA - Making the most of the Internal Audit Function
Risk management
“Why do you have brakes in a car? So you can drive faster safely. Why do you have good risk management? So you can pursue your business goals more energetically….” FT
"In an emergency the driver needs to know where the brakes are and how to use them properly. This is why you need good crisis management" …. JG
Old risk management
– Risk management as stand alone activity– Driven by audit – Based on rules – Of-the-shelf systems and solutions with pre-determined lists of risks– Focused only on threats– Mainly hard controls about tangible things – insurable– Artificially implemented or imposed – Stand-alone and not part of the business – Static, out-of-date – "we've done that" and filed away – Viewed as purely a cost overhead – Abandoned because nobody pays attention
Source: International Federation of Accountants - IFAC
No risk is an island
It's risk management Jim but not as we've known it
A strategic business discipline that supports the achievement of the organisation's objectives by addressing the full spectrum of its risks and managing the combined impact of those risks as an interrelated risk portfolio
New risk management
– Risk management driven by objectives– Board and management driven – by example and from the top of the business– Based on principles and not rules– Tailor made to the business – Focused on opportunities as well as threats– As much about social / human / cultural aspects – not insurable– Organically implemented– "Part of the way we do things here" - integrated – Dynamic, evolving – not left on a shelf– Creates results and add value – with measures– Supported and long term
Source: International Federation of Accountants - IFAC
Leadership in risk management
• Board level supervision of risk management increasing and there is increasingly a role for leadership of risk management
• The majority of companies have education and review processes in place that keep the Board informed about risk exposures
• Most think communication between the Board and the "CRO" could be better• Companies aspire to improve the link between risk management and strategic
planning• Risk management has some way to go to use the risk management function for
making more effective strategic decisions• Risk-based incentives as part of remuneration slow• Brand and reputation rising concerns• Some executives and "experts" cite lack of risk management talent as an important
area especially in emerging products and markets• Processes to define risk appetite now in place at nearly half of the companies
Source: Leadership in Risk Management – Zurich, Harvard, FERMA and PRIMO
The first standards committee
Standards commonly used
Source: RIMS 2013 Benchmark Survey Produced by AdvisenAll rights reserved.
ISO 31000 up 5% from 2011
COSO up 2% from 2011
COSO ERM and ISO 31000 are different
Preferences can vary bias - audit and risk
COSO ISO 31000
Lengthy Short
Focused on ERM General approach to managing risk
One cube Framework and process
Skewed to negative Risk can be positive or negative
Risk already exists Risk tied to achieving objectives
Risk & opportunities Opportunities also source of risk
More sequential process More iterative process
Many organisations use COSO and ISO 31000
Reputation is now higher in our risk thinking
Reputations take years to build and minutes to destroy More than giving correct advice and more than a brand
– understanding the value of reputation - often the largest asset – taking ownership of reputation– having a holistic and systematic risk management process– understanding the expectations of our clients– identifying the main causes of risk– applying joined up management– viewing reputation as a risk consequence– having good crisis management for when things go wrong
Roads to Resilience "future proofing"
The next risk management generation Capability to deal with the unexpected Everyone acutely aware of risk – "bristling with risk awareness" Not a special function – everyone's job Widening scope of risk Widening of knowledge and skills for the "risk manager" Moving away from physical assets and people Client experience, brand and reputation key assets The range of assets at risk has changed In the world of social media firms cannot risk manage as if nothing has changed Risk management more facilitators than managers All levels of risk embraced
Evolution from risk management to building resilience
Principles of the resilient organisation
Exceptional radar Value and build strong relationships internally and externally Leaders that are respected and respectful The ability to respond rapidly Diversified resources We live and work in a riskier world Top Management
– Board directors believe that they should spend more time on strategy, talent and risk
Risk Managers– Risk managers must develop business leadership skills, become a business
discipline and add significant value - or stay as fragmented technical people called upon only when needed
Source: Roads to Resilience AIRMIC
Challenges to achieving resilience
The Risk Manager Overcoming barriers
– don't over analyse The role is changing
– no hiding behind rules and regulations– valued senior advisor– get out and engage
More about culture, behaviour, mind-set and insights
Enablers and behaviours People and culture Business structure Strategy, tactics and operations Leadership and governance
Risk management will become risk leadership
Position risk management will continue to assume a higher priority strong board involvement advocated to facilitate strategic and enterprise-wide risk more energy devoted to defining risk appetite, tracking, measuring and analysing risk
Challenges risk ownership and communication at all levels links between risk management and strategic planning and management communication between the board and risk management risk based incentives risk management talent pool with the right talent risk forecasting
Evidence to suggest that well risk managed businesses will be more profitable
Risk management will be recognised as a profession
What profession? Predicted that there will be fewer but more senior professionals
– as risk management matures and moves towards first line management The profession is generic and requires definition Professional certification:
– knowledge– experience– ethics– continuing professional development– business and operational model
Some similarities to Non Executive Directors Watch this space ….
Diversity in the teams works
In summary
Effective risk management is NOT just about compliance Risk is at the heart of strategy and effective risk management should be an enabler
and a potential differentiator Growth in a flat market can only be achieved by taking risks – these must be calculated
and transparent Reputation is critical and reputation risk management should be prioritised The tone is set at the top and the C-suite will take a stronger role in leading the risk
management effort in Europe The information required to take risk aware decisions is most likely to exist already
inside the company Risk management must be owned by the business Risk managers must be fit for the challenge
Knowledge
Skills
EthicsCPD
Business model
What FERMA is doing
25